Security Bulletin: IBM MQ Appliance vulnerable to "Terrapin" attack in OpenSSH (CVE-2023-48795)
Summary By manipulating sequence numbers during SSH connection setup, a MITM attacker can delete negotiation messages without causing a MAC failure. To mitigate this vulnerability, IBM MQ Appliance has removed the chacha20-poly1305 cipher and all etm HMACs from the default set of algorithms...
5.9CVSS
6.9AI Score
0.963EPSS
Security Bulletin: IBM MQ Appliance is vulnerable to a denial of service attack (CVE-2024-35116)
Summary IBM MQ Appliance has addressed a denial of service vulnerability. Vulnerability Details CVEID: CVE-2024-35116 DESCRIPTION: IBM MQ is vulnerable to a denial of service attack caused by an error applying configuration changes. CVSS Base score: 5.9 CVSS Temporal Score: See: ...
5.9CVSS
6.5AI Score
0.0005EPSS
[SECURITY] Fedora 40 Update: moodle-4.3.5-1.fc40
Moodle is a course management system (CMS) - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning...
6.7AI Score
0.0004EPSS
[SECURITY] Fedora 39 Update: moodle-4.3.5-1.fc39
Moodle is a course management system (CMS) - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning...
6.7AI Score
0.0004EPSS
Security Bulletin: IBM MQ is vulnerable to a denial of service attack (CVE-2024-35116)
Summary IBM MQ has addressed a denial of service vulnerability. Vulnerability Details CVEID: CVE-2024-35116 DESCRIPTION: IBM MQ is vulnerable to a denial of service attack caused by an error applying configuration changes. CVSS Base score: 5.9 CVSS Temporal Score: See: ...
5.9CVSS
6.1AI Score
0.0005EPSS
Summary IBM MQ has addressed a password disclosure vulnerability in the IBM MQ Console. Vulnerability Details CVEID: CVE-2024-35155 DESCRIPTION: IBM MQ Console could disclose could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the...
6.5CVSS
6.1AI Score
0.0004EPSS
Security Bulletin: IBM MQ is affected by a password disclosure vulnerability (CVE-2024-35156)
Summary IBM MQ has addressed a password disclosure vulnerability in the IBM MQ REST API. Vulnerability Details CVEID: CVE-2024-35156 DESCRIPTION: IBM MQ could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This...
6.5CVSS
6.1AI Score
0.0004EPSS
Security Bulletin: IBM MQ is affected by a vulnerability in Eclipse Jetty (CVE-2024-22201)
Summary An issue was found in Eclipse Jetty that is shipped with the IBM MQ Explorer. Vulnerability Details CVEID: CVE-2024-22201 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by a flaw when an HTTP/2 connection gets TCP congested. By sending a specially crafted request,.....
7.5CVSS
6.5AI Score
0.0004EPSS
Summary An issue was identified with IBM Runtime Environment, Java Technology Edition, Version 8 which is shipped with IBM MQ. Vulnerability Details CVEID: CVE-2024-21085 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low...
3.7CVSS
5.7AI Score
0.0004EPSS
Summary Multiple issues were identified with IBM WebSphere Application Server Liberty, which IBM MQ ships and uses to supply IBM MQ Console and IBM MQ REST API functionality. Vulnerability Details CVEID: CVE-2024-25026 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere...
7.5CVSS
7.7AI Score
0.0004EPSS
Security Bulletin: IBM MQ is vulnerable to a denial of service attack (CVE-2024-31919)
Summary IBM MQ has addressed a denial of service vulnerability caused by an error processing messages when an API Exit using MQBUFMH is used. Vulnerability Details CVEID: CVE-2024-31919 DESCRIPTION: IBM MQ, in certain configurations, is vulnerable to a denial of service attack caused by an error...
5.9CVSS
6.3AI Score
0.0004EPSS
Security Bulletin: IBM MQ is vulnerable to a privilege escalation attack (CVE-2024-31912)
Summary IBM MQ has addressed a privilege escalation vulnerability. Vulnerability Details CVEID: CVE-2024-31912 DESCRIPTION: IBM MQ could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. CVSS Base score: 7.5 CVSS Temporal...
7.5CVSS
6.5AI Score
0.0004EPSS
Fedora: Security Advisory for moodle (FEDORA-2024-9df8ef935b)
The remote host is missing an update for...
6.7AI Score
0.0004EPSS
IBM MQ 9.1 <= 9.1.0.22 / 9.2 <= 9.2.0.26 / 9.3 < 9.3.0.20 LTS / 9.3 < 9.4 CD (7157976)
The version of IBM MQ Server running on the remote host is affected by multiple vulnerabilities as referenced in the 7157976 advisory. IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 are vulnerable to a denial of service,...
7.5CVSS
7.8AI Score
0.0004EPSS
Debian dsa-5723 : libcolorcorrect5 - security update
The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5723 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5723-1 [email protected] ...
6.9AI Score
EPSS
IBM MQ 9.0 <= 9.0.0.26 / 9.1 <= 9.1.0.22 / 9.2 <= 9.2.0.26 / 9.3 < 9.4 CD (7158057)
The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7158057 advisory. Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can...
7.5CVSS
7.5AI Score
0.0004EPSS
IBM MQ 9.3 < 9.3.0.20 LTS / 9.3 < 9.4 CD Privilege Escalation (7158072)
The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7158072 advisory. IBM MQ could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. (CVE-2024-31912) Note that...
7.5CVSS
7AI Score
0.0004EPSS
The Windows Registry Adventure #3: Learning resources
Posted by Mateusz Jurczyk, Google Project Zero When tackling a new vulnerability research target, especially a closed-source one, I prioritize gathering as much information about it as possible. This gets especially interesting when it's a subsystem as old and fundamental as the Windows registry......
5.5CVSS
6.7AI Score
0.001EPSS
The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7157979 advisory. IBM MQ, in certain configurations, is vulnerable to a denial of service attack caused by an error processing messages when an API Exit using MQBUFMH is used....
5.9CVSS
6.9AI Score
0.0004EPSS
IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7150929)
The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 7150929 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of ...
7.5CVSS
7AI Score
0.001EPSS
7.8CVSS
8AI Score
0.001EPSS
The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7157980 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). Supported versions that are affected are...
3.7CVSS
4.6AI Score
0.0004EPSS
IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7150045)
The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6 IBM. It is, therefore, affected by multiple vulnerabilities as referenced in the 7150045 advisory. Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons ...
6.6AI Score
0.0004EPSS
The version of Atlassian Jira Service Management Data Center and Server (Jira Service Desk) running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-15309 advisory. This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0,...
7.4CVSS
7.3AI Score
0.0004EPSS
Releases Ubuntu 18.04 ESM Ubuntu 16.04 ESM Packages squid3 - Web proxy cache server Details Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to cause Squid to consume resources, leading to a denial of...
8.6CVSS
7.8AI Score
0.019EPSS
IBM MQ 9.3 < 9.3.0.20 LTS / 9.3 < 9.4 CD (7158058)
The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7158058 advisory. IBM MQ could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used...
6.5CVSS
6.3AI Score
0.0004EPSS
Ubuntu 16.04 LTS / 18.04 LTS : Squid vulnerabilities (USN-6857-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6857-1 advisory. Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to...
8.6CVSS
9.6AI Score
0.019EPSS
IBM MQ 9.3 < 9.3.0.20 LTS / 9.3 < 9.4 CD (7158059)
The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7158059 advisory. IBM MQ Console could disclose could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This...
6.5CVSS
6.3AI Score
0.0004EPSS
A vulnerability in the ioctl component of the Flatpak application and environment management tool is related to copying text from the virtual console and pasting it into the command buffer, from which the command can be run after exiting the Flatpak application. Exploitation of the vulnerability...
10CVSS
6.9AI Score
0.001EPSS
Fedora: Security Advisory for moodle (FEDORA-2024-020937763e)
The remote host is missing an update for...
6.7AI Score
0.0004EPSS
RHEL 9 : Red Hat build of MicroShift 4.16.0 (RHSA-2024:0043)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0043 advisory. Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built...
2.7CVSS
4.6AI Score
0.0004EPSS
**SQL Injection Exposure in Promokit.eu Threatens Facebook's PrestaShop Customers ** PrestaShop is a free, open-source E-commerce platform launched in 2007. Built with PHP and MySQL, it offers customizable, scalable solutions for online stores. Features include product management, inventory...
7.7AI Score
0.0005EPSS
Developer Accounts Compromised Due to Credential Reuse in WordPress.org Supply Chain Attack
On June 24th, 2024, the Wordfence Threat Intelligence Team became aware of a WordPress plugin, Social Warfare, that was infected with malware through the WordPress repository. Upon further investigation, our team quickly identified 4 additional affected plugins through our internal Threat...
8.4AI Score
Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletin(s) listed in the...
8.8CVSS
8.6AI Score
0.0004EPSS
Summary IBM Master Data Management version 11.6 and 12.0 is impacted by vulnerability in IBM WebSphere Application Server. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...
4.8CVSS
6AI Score
0.0004EPSS
Takeaways From The Take Command Summit: Unprecedented Threat Landscape
The Rapid7 Take Command summit unveiled crucial findings from the 2024 Attack Intelligence Report, offering invaluable insights for cybersecurity professionals navigating today's complex threat landscape. Key takeaways from the 30 minute panel: Rise of Zero-Day Exploits: 53% of mass compromise...
7.6AI Score
Summary There are vulnerabilities in IBM® Java™ Version 8 used by IBM Cognos Dashboards on Cloud Pak. IBM Cognos Dashboards on Cloud Pak has addressed these vulnerabilities by upgrading IBM® Java™. There are vulnerabilities in Open-Source Software (OSS) components consumed by IBM Cognos Dashboards....
10CVSS
9.7AI Score
0.107EPSS
Episode 2: Behind the Scenes of a Tailor-Made Massive Phishing Campaign Part 2
Executive Summary Last summer, we investigated a massive, global phishing campaign impersonating almost 350 legitimate companies. Our continued investigation into this expansive phishing campaign revealed leaked backend source code, shedding light on the infrastructure behind the operation. This...
7AI Score
Summary IBM Storage Protect for Virtual Environments: Data Protection for Hyper-V can be affected by a security flaw in IBM WebSphere Application Server Liberty. The flaw can lead to weaker than expected security for outbound TLS connections, as described in the "Vulnerability Details" section....
5.3CVSS
5.8AI Score
0.0004EPSS
Summary IBM Storage Protect for Virtual Environments: Data Protection for VMware can be affected by a security flaw in IBM WebSphere Application Server Liberty. The flaw can lead to weaker than expected security for outbound TLS connections, as described in the "Vulnerability Details" section....
5.3CVSS
5.8AI Score
0.0004EPSS
Summary IBM Storage Protect Backup-Archive Client can be affected by security flaws in IBM WebSphere Application Server Liberty and libcurl. The flaws can lead to weaker than expected security for outbound TLS connections and bypass of security restrictions, as described in the "Vulnerability...
6.5CVSS
7AI Score
0.001EPSS
Summary IBM Operator for Apache Flink is vulnerable to a denial of service attack due to the Apache Commons Compress component. Apache Flink uses Commons Compress for handling compressed files and formats, enabling efficient data processing and storage. Vulnerability Details ** CVEID:...
8.1CVSS
6.9AI Score
0.001EPSS
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.6.0 Vulnerability Details ** CVEID: CVE-2022-25857 DESCRIPTION: **Java package org.yaml:snakeyam is vulnerable to a denial of service, caused by missing to nested depth limitation for collections. By sending a...
9.8CVSS
10AI Score
EPSS
Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties
In this post, I'll exploit CVE-2024-3833, an object corruption bug in v8, the Javascript engine of Chrome, that I reported in March 2024 as bug 331383939. A similar bug, 331358160, was also reported and was assigned CVE-2024-3832. Both of these bugs were fixed in version 124.0.6367.60/.61....
8.8CVSS
7.6AI Score
0.008EPSS
Multiple vulnerabilities in TP-Link Omada system could lead to root access
The TP-Link Omada system is a software-defined networking solution for small to medium-sized businesses. It touts cloud-managed devices and local management for all Omada devices. The supported devices in this ecosystem vary greatly but include wireless access points, routers, switches, VPN...
8.1CVSS
9.4AI Score
0.001EPSS
Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to cross-site scripting in the administrative console. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions...
4.8CVSS
5.9AI Score
0.0004EPSS
Summary Potential follow-redirects arbitrary phishing attack vulnerability ( CVE-2023-26159) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details ** CVEID:...
7.3CVSS
6.5AI Score
0.001EPSS
Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to cross-site scripting in the administrative console. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected....
4.8CVSS
5.9AI Score
0.0004EPSS
Summary IBM Edge Application Manager 4.5.6 addresses the security vulnerabilities listed in the CVEs below. Vulnerability Details ** CVEID: CVE-2024-29018 DESCRIPTION: **moby could allow a remote attacker to obtain sensitive information, caused by incorrect resource transfer between spheres. By...
7.8CVSS
7.5AI Score
0.001EPSS
About a year ago I wrote that "I want to use XAES-256-GCM/11, which has a number of nice properties and only the annoying defect of not existing." Well, there is now an XAES-256-GCM specification. (Had to give up on the /11 part, but that was just a performance optimization.) XAES-256-GCM is an...
7.3AI Score